
Cisco warns of security flaw in IOS software
2001-03-05 04:02

By DOUGLAS F. GRAY, March 02, 2001

Cisco Systems Inc. has warned customers of a flaw in its Internetwork Operating System (IOS) software that could compromise the integrity of TCP traffic sent to and from its routers and switches. The vulnerability exists in all released versions of IOS and affects all Cisco routers and switches running the software, the company said in a security advisory issued Wednesday. Cisco's gear is the most widely used data networking equipment to carry traffic on the Internet.

The security flaw allows for the successful prediction of TCP Initial Sequence Numbers, Cisco said. Such numbers are supposed to be randomly generated by a sending machine and its receiving host while setting up a new IOS connection. Once the initial transmission is established, a sequence number is created based on the amount of data transmitted. However, if the initial number isn't random, then it is possible "with varying degrees of success, to forge one half of a TCP connection with another host in order to gain access to that host or hijack an existing connection between two hosts in order to compromise the contents of the TCP connection," Cisco said.

No Cisco customers had reported any attacks related to the vulnerability as of yesterday afternoon, a Cisco spokeswoman said. However, one analyst noted that with so much of the Internet running on Cisco equipment, any problem with its networking gear could become significant.

"Anything that poses a flaw to Cisco is something to be alarmed about, since they control about 80% of the router market," said Irwin Lazar, senior consultant with analyst firm The Burton Group. "The biggest issue out there is that people don't want to just slap an IOS upgrade in their routers without testing it first, in case another problem popped up when they corrected this one," he said.
The flaw affects the security of only TCP connections that originate or terminate on the Cisco device itself, not any traffic that passes through the device in transit, Cisco said. The vendor is offering free software upgrades for affected customers.
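The article describes the weakness in general terms: an ISN that follows a guessable pattern lets a third party forge or hijack a TCP connection. The following is an added example, not code from the article, from Cisco or from the IOS advisory, showing how a defender can audit ISNs collected from their own device's handshakes. It uses two constructed generators (a fixed-step counter as the weak case, 32 random bits as the strong case; the step value and seed are arbitrary choices for the illustration) and scores each against a naive linear predictor.

```python
"""Audit TCP initial sequence numbers (ISNs) for predictability.

Added example: it does not come from the Computerworld article or from Cisco.
It models the weakness the advisory describes (ISNs that follow a guessable
pattern) with two constructed ISN generators and a simple linear predictor,
the kind of check a defender can run over ISNs captured from their own
device's connection handshakes.
"""
import random
from typing import List, Sequence, Tuple

MODULUS = 1 << 32  # TCP sequence numbers are 32 bits wide and wrap around


def sample_weak_isns(n: int, step: int = 64_000, start: int = 0x1234_5678) -> List[int]:
    """Constructed weak generator: a counter bumped by a fixed step per
    connection. The step and start values are arbitrary for this example."""
    return [(start + i * step) % MODULUS for i in range(n)]


def sample_strong_isns(n: int, seed: int = 1) -> List[int]:
    """Constructed strong generator: 32 fresh random bits per connection.
    Seeded only so the example is reproducible; a real stack uses a CSPRNG."""
    rng = random.Random(seed)
    return [rng.getrandbits(32) for _ in range(n)]


def isn_deltas(isns: Sequence[int]) -> List[int]:
    """Modular differences between consecutive ISNs; a strong generator shows
    no structure here, a counter shows a constant."""
    return [(b - a) % MODULUS for a, b in zip(isns, isns[1:])]


def linear_predictor_hit_rate(isns: Sequence[int], tolerance: int = 1024) -> float:
    """Fraction of ISNs a naive model guesses from the two preceding ones.

    Model: next ISN = last ISN + (last delta). A guess counts as a hit when it
    lands within `tolerance` of the real value, because the forged-connection
    scenario in the advisory does not require an exact prediction.
    """
    if len(isns) < 3:
        raise ValueError("need at least three ISNs")
    hits = 0
    for prev2, prev1, actual in zip(isns, isns[1:], isns[2:]):
        guess = (prev1 + (prev1 - prev2)) % MODULUS
        distance = (actual - guess) % MODULUS
        if min(distance, MODULUS - distance) <= tolerance:
            hits += 1
    return hits / (len(isns) - 2)


def assess(isns: Sequence[int], tolerance: int = 1024,
           threshold: float = 0.05) -> Tuple[str, float]:
    """Classify a captured ISN series. The 5% threshold is a conservative
    choice for this example: a random 32-bit ISN lands inside a 2049-wide
    window with probability well below one in a million."""
    rate = linear_predictor_hit_rate(isns, tolerance)
    return ("predictable" if rate > threshold else "unpredictable", rate)


if __name__ == "__main__":
    for label, series in (("weak", sample_weak_isns(50)),
                          ("strong", sample_strong_isns(50))):
        verdict, rate = assess(series)
        print(f"{label:6s} deltas={isn_deltas(series)[:3]}... "
              f"predictor hit rate={rate:.3f} -> {verdict}")
```

In practice the input list would be the ISNs observed in SYN-ACKs from the device under test over a series of connections. A high hit rate is the condition the advisory warns about; applying the vendor's fixed release and re-running the check confirms the remediation took effect.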


News URL

http://www.computerworld.com/cwi/stories/0,1199,NAV47-68-84-88_STO58279,00.html
